NHS patient data security is to be tightened after cyberattack

Systems to ensure better protection of patients’ data are to be tightened in England, with extra funding to boost cybersecurity, severer punishments for security lapses, and promises of a new system to allow patients to opt out of their data being shared.

The government has announced a series of steps to improve data handling in the NHS and security of information in the wake of the WannaCry “ransomware” cyberattack in May that paralysed NHS information technology systems across dozens of organisations in England and Scotland.1

Doctors’ leaders have broadly welcomed the new approach but raised concerns over how the planned new opt-out system would affect patients who have already officially instructed GPs not to allow their data to be shared.